20 matches found
EUVD-2021-1575
Malware in sbrugna...
EUVD-2021-1568
Malware in sbrugna...
Cross-site Scripting (XSS)
Overview ammonia is a whitelist-based HTML sanitization library. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the cleaning process when handling embedded svg or math tags. An attacker can execute arbitrary scripts in the context of the affected application by...
Fedora 44 : python-nh3 / rust-ammonia (2025-06a8d5853b)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-06a8d5853b advisory. Update the ammonia crate to version 4.1.2 and rebuild python-nh3 to apply fixes for RUSTSEC-2025-0071. Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2021-38193
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a...
CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
CVE-2019-15542
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...
SUSE CVE-2019-15542
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...
GHSA-5325-XW5M-PHM3 Cross-site Scripting in ammonia
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
Uncontrolled recursion in ammonia
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...
DEBIAN-CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
Design/Logic Flaw
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
UBUNTU-CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
CVE-2021-38193
CVE-2021-38193 : A cross-site scripting vulnerability exists in the ammonia crate for Rust, prior to version 3.1.0. The issue arises from mishandled parsing differences between HTML, SVG, and MathML, enabling an attacker to inject malicious scripts. The vulnerability is related to, and similar in...
CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...
CVE-2019-15542
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...
CVE-2019-15542
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...
CVE-2019-15542
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...